More red faces for EC webbos

Hackers deface EC’s safe surfing website

By Joris Evers | 13 June 01

Dutch hackers yesterday evening defaced SaferInternet.org, an EC-sponsored website that promotes safer internet practice. Security on the site was increased just last week after possible vulnerabilities were exposed by other hackers.

Cyber vandals left a message taunting the server administrators and law enforcement agents. "This is our world! We are god and we make the rulezzzzz Happy finding us! The Netherlands is tha place," ran the message.

Hackers also inserted two hyperlinks, one to a website for Hackers at Large 2001, an event to be held in the Netherlands in August, and one to a database elsewhere on SaferInternet.org. The database, which can be accessed by following the link, contains about 475 email addresses of people who subscribe to the SaferInternet.org mailing list, according to a security expert who examined the database.

The hack is a slap in the face to the EC and its contractor, Birmingham-based Ecotec Research and Consulting. Hackers last week identified two holes in the site's security. These were acknowledged by Ecotec and swiftly patched. The holes were caused by known vulnerabilities in Microsoft's Internet Information Server which is widely used to serve websites.

Officials at Ecotec and the EC couldn't immediately be reached for comment.

SaferInternet.org was launched last month by the EC, which functions as the executive body of the 15-member European Union. The website is part of a campaign to make the internet 'safer' for European citizens and businesses, and is specifically aimed at eradicating internet content that's illegal or considered harmful.

Last week the EC said it was drafting an anti-hacking law as part of a series of proposals intended to increase the level of information security in Europe.